As the computing capabilities of mobile devices become more powerful, consumers are increasingly using their mobile devices to access the internet and to perform increasingly complex tasks. For example, mobile devices are increasingly being used to access services and subscriptions through applications running on the devices. These applications enable consumers, for example, to conduct payment transactions, access bank accounts, and access subscribed content. To facilitate access to services and subscriptions via mobile devices, consumers are entrusting their mobile devices and the applications running thereon with sensitive data such as Personal Identifiable Information (for example, birth dates, social security numbers, etc.) and Personal Account Information (for example, credit card numbers, account numbers, passwords, etc.). As a result, mobile devices are becoming a popular and attractive target for viruses, malware, and phishing attempts.
With an increase in reliance on applications running on mobile devices to secure access to services and subscriptions, the mobile devices are continuously storing and interacting with sensitive data. The sensitive data can be stored in different areas of the device and can be controlled and managed by multiple applications. Sensitive data may also be channeled to a device through user input, applications, cameras, sensors, interactions with other devices, removable media or any other suitable means. The amount of sensitive data that is stored and managed on the mobile device will continue to increase with the reliance on such devices.
As a way of protecting the sensitive data, mobile devices may use a secure element in the form of a hardware chip to process and access sensitive data. However, the amount of sensitive data that can be protected by a secure element may be limited by the computing resources and storage capacity of the secure element. As more and more security-sensitive tasks are being performed, users may install security-sensitive applications. However, the variation in support for security functionality between any two devices is too large for rapid development and secure deployment of security-sensitive applications. For example, in a “bring your own device” environment, even within a single corporation many hundreds of variations of hardware, operating systems and security hooks exist.
The significant variations in the operating environments for the various devices can lead to development of applications that use the least common denominator in terms of security features offered based on a combination of hardware and operating system resources in the various operating environments. In many instances, the device itself does not support the security functions desired by the security application, thereby reducing the options available for running the application securely, implementing security algorithms in the application itself or not installing or running the security-sensitive application on the device at all.
Embodiments of the present disclosure address these and other problems, individually and collectively.